package com.jiyun.auth.controller;

import com.jiyun.auth.properties.JwtProperties;
import com.jiyun.auth.service.AuthService;
import com.jiyun.leyou.pojo.UserInfo;
import com.jiyun.leyou.util.JwtUtils;
import com.leyou.common.util.CookieUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@RestController
@EnableConfigurationProperties(JwtProperties.class) // 开启配置
public class AuthController {

    // 经过Zuul网关

    @Autowired
    AuthService authService;

    @Autowired
    JwtProperties jwtProperties;

    // 得到用户名密码，远程调用user服务的接口进行验证
    // JWT一般是选择存放在Cookie中的
    @PostMapping("valid")
    public ResponseEntity<Void> valid(String username, String password,
                                      HttpServletRequest request,
                                      HttpServletResponse response){
        String token = authService.valid(username,password);

        // 将token，存放入Cookie中
        if(token!=null){
            // Cookie的操作，将cookie发送到前台
            // api.leyou.com/api/auth/valid  接收不到cookie
            // localhost:8087/valid  接收到Cookie
            CookieUtils.setCookie(request,response,"LY_TOKEN",token,jwtProperties.getExpire()*60);
            return ResponseEntity.ok().build();
            // sqlite   小型数据库，专门用于手机端 android 和ios
        }else{
            return ResponseEntity.badRequest().build();
        }

    }

    @GetMapping("verify") // 验证是否已登录！
    public ResponseEntity<UserInfo> verify(@CookieValue("LY_TOKEN")String token, HttpServletRequest request,
                                           HttpServletResponse response){
        // token   - 》 Cookie
        // 1.得到token信息
////        Cookie[] cookies = request.getCookies();
        System.out.println(token);

        // 问题？现在的写法，每过30分钟，就需要重新登录一次
        // 如果用户一直在页面上玩耍，每30分钟登录一次，也是一种极差的体验
        // 把token的时间，延长到30分钟
        // 重新设置一遍

        // 2.得到token之后，验证
        try {
            UserInfo userInfo = JwtUtils.getInfoFromToken(token, jwtProperties.getPublicKey());

            // 3.进行token的时间延长，重新创建一个全新的token，覆盖之前的就可以了
            if(userInfo!=null){
                // 生成新token
                String newToken = JwtUtils.generateToken(userInfo, jwtProperties.getPrivateKey(), jwtProperties.getExpire());
                // 将新token加载到Cookie
                CookieUtils.setCookie(request,response,"LY_TOKEN",newToken,jwtProperties.getExpire()*60);

                return ResponseEntity.ok(userInfo);
            }



            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();


        } catch (Exception e) {
            e.printStackTrace();
            // 验证失败
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }


    }


}
